FCC Proposes Cybersecurity Reporting Requirements for 9 Carriers in Draft NPRM
The FCC will take a series of steps aimed at addressing cybersecurity challenges during the commissioners' June 6 open meeting (see 2405150042). A draft NPRM released Thursday would seek comment on a proposal to impose specific reporting requirements on nine service providers as part of the agency's effort to increase border gateway protocol and resource public key infrastructure security, which assist routing traffic across the internet.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
The draft proposed requiring that AT&T, Altice, Charter Communications, Comcast, Cox, Lumen, T-Mobile, Telephone & Data Systems and Verizon file data quarterly on their progress in route origin authorization registrations and BGP plans. "These significant providers are likely to originate routes covering a large proportion of the IP address space" in the U.S. and will "play critical roles ensuring effective implementation of [route origin validation] filtering," the draft said.
The internet is "a key part of the national cyber infrastructure," the draft item said. If adopted, the proposed rules would cover broadband internet access service providers that offer service on a mass market retail basis under Title II of the Communications Act.
A draft order proposing a three-year, $200 million pilot program that uses USF funds for cybersecurity services and gear to protect school and library broadband networks notes that the FCC previously decided against such funding. The program would be open to all eligible schools and libraries, including those that don’t currently participate in the E-rate program.
The pilot “is a critical next step to evaluate whether, and to what extent, the Commission should leverage the USF to support the cybersecurity needs of schools and libraries,” the draft cybersecurity order says: “By proceeding via a short-term Pilot Program, the Commission can gather key data on the types of cybersecurity services and equipment that K-12 schools and libraries need to protect their broadband networks and securely connect students, school staff, and library patrons to advanced communications that are integral to education.”
The draft notes that some comments on the program urged a time frame of 18 months or less for the pilot. (see 2402270071). “A three-year Pilot Program will give us the time to evaluate whether universal service support should be used to fund cybersecurity services and equipment on a permanent basis,” the draft says. Schools and school districts would receive up to $13.60 per student over the duration of the pilot, libraries up to $15,000. All school districts selected will receive, at a minimum, $15,000 in support. The funding floor ensures “that even the smallest schools and school districts can receive support sufficient to purchase a variety of cybersecurity services and equipment.”
“We note that program participation by applicants and service providers is voluntary, and we expect that Pilot participants will carefully weigh the benefits, costs, and burdens of participation to ensure that the benefits outweigh their costs,” draft contends: The pilot “will also enable us to evaluate the estimated economic benefits of using universal service support for cybersecurity services and equipment, compared to its cost to the Fund."
The pilot “will provide valuable insights into the most effective cybersecurity and advanced firewall services for safeguarding the networks and data of educational institutions,” said the Consortium for School Networking.
The commissioners will also vote on an NPRM seeking comment on requiring low-power TV stations to maintain online public files and proposing a host of tweaks and additional requirements governing all LPTV stations. The draft item proposes requiring either top-four network-affiliated LPTV stations or LPTV stations that are among the top-rated four TV stations in their markets to maintain online public files similar to full-power TV stations. The draft NPRM also proposes extending the FCC’s public inspection and political broadcasting rules -- such as lowest unit charge -- to all LPTV stations. Along with expanded record-keeping requirements, the NPRM seeks comments on numerous proposed changes to the LPTV rules, such as a notification requirement for stations shifting to serving as TV translators, stricter call sign requirements, and clarifications to the distance stations can relocate under the minor modification rules.
“While some LPTV stations remain small, independently owned stations, others are part of large station groups” and “are significant enough voices in their communities to attract requests to carry political advertising,” the draft NPRM said. The proposed changes are intended “to ensure that LPTV Service continues to flourish and serve the public interest.” Some proposed rule changes would codify or clarify policies that have effectively been in place for awhile, but the combination of new requirements but could prove burdensome to some LPTV owners, said Wilkinson Barker broadcast attorney Davina Sashkin. She said the draft NPRM appears intended to give LPTV stations many of the same obligations as full-power TV stations but without the accompanying benefits.
Commissioners will also consider an NPRM that would seek comment on whether existing Weiss bank rating standards should be modified and whether to allow Rural Digital Opportunity Fund recipients to lower the value of their letters of credit to one year of support that meets certain requirements. A draft NPRM noted that several Connect America Fund Phase II and RDOF recipients have sought a waiver of the requirements, while others have raised concerns about the "reliability of the Weiss ratings."